Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vh5JUwdYAJWDuhDXrKRadBVriEg.roa
File: vh5JUwdYAJWDuhDXrKRadBVriEg.roa (raw, json)
Hash identifier: rdqkmoPnbmH8z2Uza8M3LIGV0iEW4BxfhpXpGet+OHI=
Subject key identifier: BE:1E:49:53:07:58:00:95:83:BA:10:D7:AC:A4:5A:74:15:6B:88:48
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018B3E64F8D89424F7A70C51FB10E8336E55
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vh5JUwdYAJWDuhDXrKRadBVriEg.roa
Signing time: Tue 17 Oct 2023 16:08:06 +0000
ROA not before: Tue 17 Oct 2023 16:08:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 46450
IP address blocks: 89.213.154.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3e:64:f8:d8:94:24:f7:a7:0c:51:fb:10:e8:33:6e:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Oct 17 16:08:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be1e49530758009583ba10d7aca45a74156b8848
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:9f:09:5f:e5:cd:8a:e6:85:b2:9a:73:d8:d0:
9d:de:a7:dc:4c:37:68:67:8d:d7:a4:75:64:9d:f3:
60:2d:ac:b1:af:0f:87:10:5b:46:9b:21:9d:bf:c8:
6f:0b:f7:04:9b:40:45:c6:30:a7:14:e9:f6:60:19:
43:50:90:72:f5:5a:cf:e8:7b:75:97:01:f2:a5:51:
ec:cb:57:ce:0d:e0:87:e7:e0:ed:b9:33:90:b2:c3:
b0:9b:96:dc:04:37:9b:84:d3:67:76:c7:d7:91:ab:
28:26:09:18:af:cb:3a:aa:7c:e4:5a:7b:77:32:42:
7b:7d:10:55:f7:0b:61:29:e6:49:0c:f5:07:6b:c2:
f7:34:b6:c1:ac:d9:20:37:91:c9:48:8e:4a:cd:74:
79:18:7f:46:63:d8:e8:b2:23:d8:46:ee:7c:a7:25:
0f:77:9a:f1:bf:bd:67:09:4f:f7:49:02:9a:ab:77:
3b:ab:d0:a6:39:de:4b:94:15:b3:a3:ed:20:e2:8d:
ae:9c:97:a1:e3:c3:11:c0:02:11:bd:0d:c3:ae:af:
b7:d4:9c:7a:90:fa:89:b2:fc:08:ad:e7:89:2c:68:
58:b1:68:26:92:af:ca:ed:3e:1f:04:6f:ca:de:b4:
ae:6d:83:e9:d1:ea:13:0e:a5:8e:7f:0e:d0:02:41:
7e:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:1E:49:53:07:58:00:95:83:BA:10:D7:AC:A4:5A:74:15:6B:88:48
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vh5JUwdYAJWDuhDXrKRadBVriEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.154.0/24
Signature Algorithm: sha256WithRSAEncryption
39:4a:75:98:48:b6:65:ab:3b:65:75:80:54:7c:8d:e1:ae:b2:
bb:d8:c2:b2:65:ab:3e:27:37:94:d2:ab:d9:21:e6:9e:1f:53:
e3:dc:d2:3d:54:fe:a6:ad:cc:1c:7a:8e:60:db:5d:1b:68:ff:
bd:73:3c:e7:c6:4c:ca:0e:1b:16:6e:ce:2c:b3:a8:b4:75:ad:
1a:a9:55:44:b5:68:7a:7c:f9:8e:95:27:59:d3:48:8c:e2:b2:
61:31:79:0e:57:e2:5f:30:39:c4:3c:fa:53:ed:e7:b1:1f:6f:
43:1c:ad:da:27:a6:2b:5b:8b:c7:05:1e:70:a6:22:5b:00:1e:
71:c4:9c:12:79:ff:83:e5:d6:46:91:f9:98:b8:41:23:21:05:
f2:e1:05:96:24:81:ae:ec:f9:51:c8:d2:31:1c:8d:2d:d5:b2:
12:45:64:9a:ed:90:b5:d9:3d:35:e1:ad:06:9d:6f:46:91:d1:
91:81:15:51:3d:26:be:9d:36:9e:65:8d:76:f4:48:56:f5:fe:
ee:21:e5:8c:df:58:52:a6:ad:7e:0f:26:17:69:ab:12:2d:95:
b5:fd:3e:17:1d:5f:db:b7:94:76:88:95:9e:57:4d:0d:53:48:
5e:0a:ee:0b:05:fa:74:4f:40:a9:67:35:43:a7:0b:ea:cc:8d:
aa:6a:68:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYs+ZPjYlCT3pwxR+xDoM25VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMDE3MTYwODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTFlNDk1MzA3NTgwMDk1ODNiYTEwZDdhY2E0NWE3NDE1NmI4ODQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA458JX+XNiuaFsppz2NCd3qfcTDdo
Z43XpHVknfNgLayxrw+HEFtGmyGdv8hvC/cEm0BFxjCnFOn2YBlDUJBy9VrP6Ht1
lwHypVHsy1fODeCH5+DtuTOQssOwm5bcBDebhNNndsfXkasoJgkYr8s6qnzkWnt3
MkJ7fRBV9wthKeZJDPUHa8L3NLbBrNkgN5HJSI5KzXR5GH9GY9josiPYRu58pyUP
d5rxv71nCU/3SQKaq3c7q9CmOd5LlBWzo+0g4o2unJeh48MRwAIRvQ3Drq+31Jx6
kPqJsvwIreeJLGhYsWgmkq/K7T4fBG/K3rSubYPp0eoTDqWOfw7QAkF+jQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL4eSVMHWACVg7oQ16ykWnQVa4hIMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdmg1SlV3ZFlBSldEdWhEWHJLUmFkQlZyaUVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWaMA0G
CSqGSIb3DQEBCwUAA4IBAQA5SnWYSLZlqztldYBUfI3hrrK72MKyZas+JzeU0qvZ
IeaeH1Pj3NI9VP6mrcwceo5g210baP+9czznxkzKDhsWbs4ss6i0da0aqVVEtWh6
fPmOlSdZ00iM4rJhMXkOV+JfMDnEPPpT7eexH29DHK3aJ6YrW4vHBR5wpiJbAB5x
xJwSef+D5dZGkfmYuEEjIQXy4QWWJIGu7PlRyNIxHI0t1bISRWSa7ZC12T014a0G
nW9GkdGRgRVRPSa+nTaeZY129EhW9f7uIeWM31hSpq1+DyYXaasSLZW1/T4XHV/b
t5R2iJWeV00NU0heCu4LBfp0T0CpZzVDpwvqzI2qamg1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org